Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
ANSIBLE + WORDPRESS
WORDCAMP TORONTO 2016
ALAN LOK
FOLLOW ALONG WITHOUT TAKING PICTURES!
THE GOODS
• Slides

http://www.slideshare.net/
alanlok1/ansible-wordpress-
wordcamp-...
BECAUSE YOU NEED THEM
GOALS
• Simple* and repeatable installs
• Automate your tasks
*Simple ≠ Easy
Sorry, everything takes...
MASTER
(WORDPRESS)

BUILDER?
ARE YOU A
CC, Source: Flickr/VGB.Studios
A TOOL FOR ALL OF US
ANSIBLE
• Automate machine
provisioning and
deployments
• Agentless
• Configuration
management
• Idem...
(TELL ME THE MAGIC)
HOW DOES ANSIBLE FIT IN?
• An orchestration machine with a usable shell prompt (*NIX)
• Server(s) acce...
http://docs.ansible.com/ansible/intro_installation.html
HOW TO INSTALL ANSIBLE
• CentOS/RH/Amazon Linux:

sudo yum install...
BASICS
ANSIBLE
THE THING YOU DO
TASK AND HANDLER
• A task is the most granular
“thing” you do. For example:
• Copy a file
• Start a proce...
A CONTAINER FOR TASKS AND HANDLERS
ROLES
• Roles are sets of tasks and
handlers that Ansible
executes
• Think shell script...
HOW ANSIBLE STITCHES IT TOGETHER
PLAYBOOK
• A playbook is a
collection of plays
• A play is a
collection of roles
• One ca...
CONFIGURATION MANAGEMENT’S BEST FRIEND
VARIABLES
• Variables can be specified at 3
levels
• Global (config / env /
command...
DEFINING WHO WE ARE
HOSTS
• A play can target a host or a
group of hosts
• Inventory may be static or
dynamic (eg. AWS)
• ...
TOGETHER
PUTTING IT ALL
CONFIGURE A HOST
1.Make a SSH key pair

ssh-keygen -t ecdsa -f deploy
2.Copy your key file to the host (deploy.pub) and

a...
http://docs.ansible.com/ansible/intro_inventory.html
CREATE YOUR HOST FILE
[wordpress]
172.16.12.146 ansible_user=alan ans...
YOU DON’T HAVE TO WRITE EVERY ROLE
DOWNLOAD SOME ROLES
ansible-galaxy install sbaerlocher.wp-cli
ansible-galaxy install li...
BECAUSE NOT ALL ROLES WORK OUT OF THE BOX
MODIFING GALAXY ROLES
• Let’s check out 2 roles I modified

https://github.com/a...
FILES IN YOUR STRUCTURE
CREATING YOUR OWN PLAYBOOK
•vault
•wordpress-simple.yml
•group_vars
•wordpress
•config
•roles
•ans...
SECRET SAUCE TO MAKE IT UNIQUE
THE GROUP VARIABLES
---
apache_user: "apache"
apache_group: "apache"
wp_version: 4.5
wp_sit...
SECURE YOUR SECRETS
ANSIBLE-VAULT
• Create your own password variables by running

ansible-vault create vault/wordpress-si...
THE PLAYBOOK
- hosts: wordpress
become: yes
vars_files:
- vault/wordpress-simple.yml
roles:
- geerlingguy.apache
- role: l...
LET’S RUN THIS…
ansible-playbook --ask-
vault-pass -i hosts
wordpress-simple.yml
SORTA?
IT’S DEPLOYED…
THE REAL VOODOO
LET’S RUN SOME AD-HOC COMMANDS
• Configure WordPress for the first time

ansible -i hosts wordpress --beco...
”
“
— The LEGO® Movie
EVERYTHING IS AWESOME!!!
THANKS
@alan_lok
Upcoming SlideShare
Loading in …5
×

Ansible + WordPress - WordCamp Toronto 2016

407 views

Published on

Repeatable WordPress Installs with Ansible, presented at WordCamp Toronto 2016

Published in: Technology
  • Be the first to comment

Ansible + WordPress - WordCamp Toronto 2016

  1. 1. ANSIBLE + WORDPRESS WORDCAMP TORONTO 2016 ALAN LOK
  2. 2. FOLLOW ALONG WITHOUT TAKING PICTURES! THE GOODS • Slides
 http://www.slideshare.net/ alanlok1/ansible-wordpress- wordcamp-toronto-2016 • Code
 https://github.com/alanlok/ wcto2016-ansible-playbook
  3. 3. BECAUSE YOU NEED THEM GOALS • Simple* and repeatable installs • Automate your tasks *Simple ≠ Easy Sorry, everything takes effort
  4. 4. MASTER (WORDPRESS)
 BUILDER? ARE YOU A CC, Source: Flickr/VGB.Studios
  5. 5. A TOOL FOR ALL OF US ANSIBLE • Automate machine provisioning and deployments • Agentless • Configuration management • Idempotent
  6. 6. (TELL ME THE MAGIC) HOW DOES ANSIBLE FIT IN? • An orchestration machine with a usable shell prompt (*NIX) • Server(s) accessible by SSH to orchestrate changes SSH
  7. 7. http://docs.ansible.com/ansible/intro_installation.html HOW TO INSTALL ANSIBLE • CentOS/RH/Amazon Linux:
 sudo yum install ansible • Debian:
 sudo apt-get install ansible • OS X:
 sudo easy_install pip; sudo pip install ansible • Windows: sorry :(
  8. 8. BASICS ANSIBLE
  9. 9. THE THING YOU DO TASK AND HANDLER • A task is the most granular “thing” you do. For example: • Copy a file • Start a process • Create a file using Jinja2 syntax • Tasks are linear, whereas handlers are invoked by task completion (similar to WordPress hooks) • Tasks can loop, and may contain conditional evaluation
  10. 10. A CONTAINER FOR TASKS AND HANDLERS ROLES • Roles are sets of tasks and handlers that Ansible executes • Think shell script, but better organized and easier to read • Roles can have default variables, and be overridden by a play
  11. 11. HOW ANSIBLE STITCHES IT TOGETHER PLAYBOOK • A playbook is a collection of plays • A play is a collection of roles • One can assign plays to a host or host group http://docs.ansible.com/ansible/playbooks.html
  12. 12. CONFIGURATION MANAGEMENT’S BEST FRIEND VARIABLES • Variables can be specified at 3 levels • Global (config / env / command line) • Play • Host • Don’t hard code configuration, leverage variables and set defaults for overriding {x}http://docs.ansible.com/ansible/playbooks_variables.html
  13. 13. DEFINING WHO WE ARE HOSTS • A play can target a host or a group of hosts • Inventory may be static or dynamic (eg. AWS) • Specific host-related information to access server • User must have sudo privileges to perform system tasks
  14. 14. TOGETHER PUTTING IT ALL
  15. 15. CONFIGURE A HOST 1.Make a SSH key pair
 ssh-keygen -t ecdsa -f deploy 2.Copy your key file to the host (deploy.pub) and
 append the file contents to ~/.ssh/authorized_keys 3.Ansible user needs sudo access (or “become” won’t work) 4.Install python modules python-httplib2 and libselinux-python
  16. 16. http://docs.ansible.com/ansible/intro_inventory.html CREATE YOUR HOST FILE [wordpress] 172.16.12.146 ansible_user=alan ansible_ssh_private_key_file=deploy Host Group IP or FQDN Ansible options
  17. 17. YOU DON’T HAVE TO WRITE EVERY ROLE DOWNLOAD SOME ROLES ansible-galaxy install sbaerlocher.wp-cli ansible-galaxy install linuxhq.ius ansible-galaxy install geerlingguy.apache ansible-galaxy install geerlingguy.php ansible-galaxy install geerlingguy.mysql ansible-galaxy install geerlingguy.php-mysql ansible-galaxy install geerlingguy.firewall
  18. 18. BECAUSE NOT ALL ROLES WORK OUT OF THE BOX MODIFING GALAXY ROLES • Let’s check out 2 roles I modified
 https://github.com/alanlok/ansible-role-wordpress.git
 https://github.com/alanlok/ansible-role-wordpress-apache.git • Modified from ansible-galaxy author darthwade’s roles • Made more variables available for customization • Made roles RedHat Linux friendly • You can write your own roles too!
  19. 19. FILES IN YOUR STRUCTURE CREATING YOUR OWN PLAYBOOK •vault •wordpress-simple.yml •group_vars •wordpress •config •roles •ansible-role-wordpress •ansible-role-wordpress-apache •hosts •wordpress-simple.yml YAML file containing your
 host group’s variables Your custom roles
 in the roles directory Which hosts should Ansible act on Your playbook Where I like to keep my secrets
  20. 20. SECRET SAUCE TO MAKE IT UNIQUE THE GROUP VARIABLES --- apache_user: "apache" apache_group: "apache" wp_version: 4.5 wp_site_name: 'site1' wp_install_dir: '/var/www/html/{{ wp_site_name }}' wp_db_name: '{{ wp_site_name }}' wp_db_user: '{{ wp_site_name }}_user' wp_db_host: 'localhost' wp_apache_hostname: '{{ wp_site_name }}.vm' Yup, how else can I give a demo!
  21. 21. SECURE YOUR SECRETS ANSIBLE-VAULT • Create your own password variables by running
 ansible-vault create vault/wordpress-simple.yml • This ansible file is encrypted once you save:
 ---
 wp_db_password: 'password'
 admin_db_password: 'root'
  22. 22. THE PLAYBOOK - hosts: wordpress become: yes vars_files: - vault/wordpress-simple.yml roles: - geerlingguy.apache - role: linuxhq.ius ius_repos: ius: True - geerlingguy.php - geerlingguy.mysql - geerlingguy.firewall - geerlingguy.php-mysql - ansible-role-wordpress - ansible-role-wordpress-apache - sbaerlocher.wp-cli
  23. 23. LET’S RUN THIS… ansible-playbook --ask- vault-pass -i hosts wordpress-simple.yml
  24. 24. SORTA? IT’S DEPLOYED…
  25. 25. THE REAL VOODOO LET’S RUN SOME AD-HOC COMMANDS • Configure WordPress for the first time
 ansible -i hosts wordpress --become -a "sudo -u apache wp core install --url=site1.vm --title="Yet another demo" --admin_user =alan --admin_password=alan --admin_email="alan@wlx.ca" --path =/var/www/html/site1" • Update WordPress
 ansible -i hosts wordpress --become -a "sudo -u apache wp core update —path=/var/www/html/site1" • Update server:
 ansible -i hosts wordpress --become -a "yum update -y" • Reboot server:
 ansible -i hosts wordpress --become -a "reboot"
  26. 26. ” “ — The LEGO® Movie EVERYTHING IS AWESOME!!!
  27. 27. THANKS @alan_lok

×